Database error?

stephen barncard stephenREVOLUTION2 at barncard.com
Sat Apr 11 21:16:24 CEST 2015


On Sat, Apr 11, 2015 at 8:41 AM, Dr. Hawkins <dochawk at gmail.com> wrote:

> But they would need the encryption key, too.
>
> mySQL *can* be set to take only secure connections, can't it?  Postgres
> can, but runrev inexplicably hasn't seen fit to add the line of code to
> allow this connection to be made; only for mySQL
>
>
> > Even more scary is how hackers can get into a system using a "I forgot my
> > password" form with SQL injection, lots of examples on the web.
> >
>
> But https solves that, doesn't it?
>

At Dreamhost, mySQL security is determined by the connecting IP number, if
that's a help. If it's not coming from your IP, no access.
Of course somebody will have to maintain the IPs at the webhost, and that
may not be practical for a distribution.

--
Stephen Barncard - Sebastopol Ca. USA - Deeds Not Words


More information about the use-livecode mailing list